Mac OS X : Safari < 6.1 Multiple Security Vulnerabilities
PVS ID: 8048 FAMILY: Web Clients RISK: MEDIUM NESSUS ID:70563
Description: Synopsis :\n\nThe remote host contains a web browser that is affected by multiple security vulnerabilities.\n\nThe remote Mac OS X host has Safari installed. Versions of Safari earlier than 6.1 are reportedly affected by the following vulnerabilities:\n\n - A bounds-checking issue exists related to handling XML files. (CVE-2013-1036)\n\n - Multiple memory corruption vulnerabilities exist in WebKit that could lead to unexpected program termination or arbitrary code execution. (CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An error exists related to URL handling that could lead to information disclosure. (CVE-2013-2848)\n\n - A cross-site scripting issue exists in WebKit's handling of URLs and drag-and-drop operations. (CVE-2013-5129, CVE-2013-5131)\n\n - Using 'Web Inspector' could negate 'Private Browsing' protections leading to information disclosure. (CVE-2013-5130)\n\nFor your information, the observed version of OS X Safari is : \n %L

Solution: Upgrade to Safari 6.1 or later.

CVE-2013-5131


Copyright Tenable Network Security Inc. 2013